Malicious code in niji-react-input (npm)
Source: ghsa-malware 308202af28f18471be931243021c6ecf4079323996579d3da01c5b193e94bc7f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in niji-react-icon (npm)
Source: ghsa-malware 3647824806820bc4dec51343c82379b9993e030f8e9ccfcfded364905ec87d21 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3078 Malicious code in niji-react-prettybytes (npm)
Source: ghsa-malware 572b7b0cfab3e7ae5f10e6653440bf2e9d094c7ca66110eef06083fcc94840e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3077 Malicious code in niji-react-input (npm)
Source: ghsa-malware 308202af28f18471be931243021c6ecf4079323996579d3da01c5b193e94bc7f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3074 Malicious code in niji-react-alert (npm)
Source: ghsa-malware 131b1e825df158dacd4bb111ea02f0cf4a2c4374c18c8466ee2ad1e3bcb1b927 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3081 Malicious code in niji-react-textarea (npm)
Source: ghsa-malware db947d966d8d0b7be248b2cc89616fdf14c8a5f7b2d6c7ca11dbfebe6e851914 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3082 Malicious code in niji-react-utils (npm)
Source: ghsa-malware 6b0f37153a7862a4b1e5abd871385e93b6535a8bb834f03fc9bb83b9e7be6640 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3079 Malicious code in niji-react-select (npm)
Source: ghsa-malware 17dc01f92bc84168459b0c07238c88fe320f39e19f59414a938a8ef55226045e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3076 Malicious code in niji-react-icon (npm)
Source: ghsa-malware 3647824806820bc4dec51343c82379b9993e030f8e9ccfcfded364905ec87d21 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @nationalgeographicsociety/ngsui-core-react (npm)
Source: ghsa-malware 4c79788b32fb541eecf3d0b0268cd2e201328ab9caf252358c1f9106c193acf3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @nationalgeographicsociety/ngsui-addons-react (npm)
Source: ghsa-malware d522cf6892b9363520f72cb2c024bbcf7d63238df065658694ca622082b1be9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
@akrc/fnpm (=1.13.1), @buttery/studio (>=0.2.3 <=0.3.1) +67 more potentially affected by CVE-2025-31137 via @react-router/express (>=7.0.0 <=7.4.1-pre.0)
@react-router/express NPM version =7.0.0, =0.2.3, =0.1.0, =0.0.1, =2.1.0, =0.3.1, =0.0.13, =1.0.0, =0.0.0-semantically-released, =1.0.1, =6.0.0-canary-001, =6.0.0-canary-001, =6.22.0 and more Source cves: CVE-2025-31137 Source advisory: OSV:GHSA-4Q56-CRQP-V477...
GHSA-4Q56-CRQP-V477 Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers
Impact We received a report about a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an incoming Request by putting a URL pathname in the port section of a URL...
Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers
Impact We received a report about a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an incoming Request by putting a URL pathname in the port section of a URL...
CVE-2025-31137
React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. There is a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an...
CVE-2025-31137 Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers
React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. There is a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an...
CVE-2025-31137
Summary: A Host/X-Forwarded-Host header manipulation vulnerability in Remix/React Router affects Remix 2 and React Router 7 users using the Express adapter. An attacker can spoof the incoming Request URL by placing a pathname in the URL’s port section of a header-hosted URL, potentially altering ...
CVE-2025-30210 Bruno XSS On Environment Name
Bruno is an open source IDE for exploring and testing APIs. Prior to 1.39.1, the custom tool-tip components, which internally use react-tooltip, were setting the content (in this case the Environment name) as raw HTML, which then gets injected into the DOM on hover. This, combined with loose Content...